Changes


Password Policy

4,434 bytes removed, 18:54, 26 June 2019
no edit summary
||
You can set a series of challenge questions; all users will be prompted to select one of them upon next login. Their answer to that question will be stored in the system, and if they forget their password, they will be prompted to enter this answer and click the activation link in the '''Forgot Password''' [[Email#Email Templates for User Activation and Password|email template]].
 
* '''Note: '''The best challenge questions will have answers that are simple, memorable, not easy to guess, and will not change over time. 
'''Example of Challenge Questions: '''
: ''In what city or town was your first job?;''<br />''What is your mother's maiden name?;''<br />''What was your first pet's name?;''<br />''In what year was your father born? ''
 
|}
====Password Reset Message====
:: [[File:Password reset message custom.png|800px|border]] 
In the text field box, write the content for the '''Reset Password''' message that a user will see if they need to reset their password. You may use the default template or make the message custom.
====Persistent Login====
The '''Persistent Login''' functionality provides for the use of a persistent secure cookie on the [[SmartSimple]] [[User|user]]'s computer to eliminate the need to use a username and password to log into the system. 
Rather than having to log in to SmartSimple each time you open your web browser, a "cookie" can be installed on your computer that will automatically authenticate you, allowing you to bypass the login screen. (This setting can be [[System Security Permissions#Miscellaneous Feature Permission|enabled or disabled]] by your system administrator.) For this feature to work, the user's browser must be set to accept persistent cookies.
 
===Expiration of Inactive Accounts===
'''This feature will be deprecated in the July 2016 upgrade.'''
'''Disable Inactive Accounts''' provides the ability to automatically disable a user account after a predetermined period of time. A password reset is required by the user to regain access to the system. The main options are:
 
* '''Disable user accounts after ''[X]'' days''' - The number of days a user account is inactive before it is disabled. Leave this field blank to disable this feature.
* '''Apply Policy to All Sub-Companies''' - Click the button to force-update the password policy of the current company and all sub-companies. '''Note:''' This is applicable when an organization has a root company and one or more sub-companies, each with its own password policy.
* '''Disabled Inactive Account Message''' - The text to be displayed to a user trying to access an expired account.
 
===Password Settings Section===
This section is used to set password attributes.
 
::: [[File:Password general settings.png|450px|border]]
'''Maximum Password Update in 24 Hours''' – Sets the maximum number of password changes a user can make within a 24-hour period. This prevents users from bypassing the password history restriction by changing their password repeatedly until they can return to a previously used password. This setting only applies to password changes made by the user through "Update Password", not to the "Forgot Password" link or to system administrators using "Set Password."
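The following added example (not SmartSimple code) models how this cap interacts with the '''Password History Check''' setting, so an administrator can see how long a given combination keeps a user away from an old password. The class and function names are hypothetical, and the model assumes the window resets once per day and that rejected attempts do not count towards the cap.

```python
from collections import deque

class HistoryPolicy:
    """Toy model: remember the last `depth` passwords, cap changes per day."""

    def __init__(self, depth, max_per_day=None):
        if max_per_day is not None and max_per_day < 1:
            raise ValueError("max_per_day must be at least 1 or None")
        # A real system stores salted hashes; plain strings keep the model short.
        self.history = deque(maxlen=depth)   # includes the current password
        self.max_per_day = max_per_day       # None models "no cap configured"
        self.changes_today = 0

    def enroll(self, password):
        self.history.append(password)

    def next_day(self):
        self.changes_today = 0               # the 24-hour window rolls over

    def change(self, new_password):
        if self.max_per_day is not None and self.changes_today >= self.max_per_day:
            return "rate_limited"
        if new_password in self.history:
            return "in_history"
        self.history.append(new_password)    # oldest entry falls out when full
        self.changes_today += 1
        return "ok"

def days_until_reuse(depth, max_per_day=None):
    """Days a user needs before the original password is accepted again."""
    original = "constructed-original"        # constructed sample value
    policy = HistoryPolicy(depth, max_per_day)
    policy.enroll(original)
    day, throwaways = 1, 0
    while True:
        result = policy.change(original)
        if result == "ok":
            return day
        if result == "rate_limited":
            policy.next_day()
            day += 1
            continue
        throwaways += 1                      # still remembered: use a new value
        policy.change(f"constructed-throwaway-{throwaways}")

if __name__ == "__main__":
    for depth, cap in [(32, None), (32, 1), (5, 2)]:
        print(depth, cap, days_until_reuse(depth, cap))
```

Compare the result with the '''Password Expiration''' interval: if the number of days is shorter than the expiration period, the history setting alone does not force a genuinely new password.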
 
'''Password length''' – the minimum length allowed for a [[Password|password]], between '''6 and 32 characters'''.
 
'''Data Restrictions''' - passwords set by users can be restricted so that values such as first name, last name or organization name cannot be used in the password. Any number of fields can be selected from both the organization and the user profile; standard and custom fields are supported.
 
[[image:password-008.png]]
 
In the example above, the City, Country and Phone fields have been selected from the user's organization record, and the first name, last name, birthplace and nickname fields have been selected from the user profile.
 
 
 
====Password Complexity====
'''Complexity''' – the level of complexity required in the [[Password|password]]. The options are:
 
* '''No Restriction''' – any character can be used. This is the default.
* '''Alpha Only''' – only letters can be used.
* '''Alpha & Numeric''' – letters and numbers must be used in the password.
* '''Alpha & Numeric & Special characters''' – letters, numbers and special characters must be used.
* '''Custom Policy''' - a password policy can be custom defined.
 
====Custom Policy====
* The '''Compose Custom Password Policy''' table provides the ability to define the custom password policy that matches your organization's security standards and provides control of each character type desired (upper case, lower case, numeric and/or symbols). You can also specify the minimum number of characters required for that character type.
<pre style="white-space: -o-pre-wrap; word-wrap: break-word;">&lt;!--@sslogic('@langid@'='2')-->&lt;br>@system.Password Policy - French@&lt;!--@else-->&lt;br>@system.Password Policy@&lt;!--@end--></pre>
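As an added illustration (not SmartSimple's implementation), the check below combines a custom policy of per-type minimums with the '''Data Restrictions''' described earlier. The function names, the sample field values and the matching rule (case-insensitive, letters and digits only) are assumptions made for this example.

```python
import string

def normalize(text):
    # Compare on letters and digits only, case-insensitively, so that
    # "(416) 555-0100" also matches "4165550100" and "okafor" matches "OKAFOR".
    return "".join(ch for ch in text.casefold() if ch.isalnum())

def check_password(password, min_length, min_counts, restricted_fields):
    """Return a list of violations; an empty list means the password passes."""
    if not 6 <= min_length <= 32:            # range the page gives for the setting
        raise ValueError("minimum length must be between 6 and 32")
    violations = []
    if len(password) < min_length:
        violations.append("too short")
    counts = {
        "upper": sum(ch.isupper() for ch in password),
        "lower": sum(ch.islower() for ch in password),
        "numeric": sum(ch.isdigit() for ch in password),
        "symbol": sum(ch in string.punctuation for ch in password),
    }
    for kind, required in min_counts.items():
        if counts[kind] < required:
            violations.append(f"needs {required} {kind}")
    candidate = normalize(password)
    for field, value in restricted_fields.items():
        needle = normalize(value or "")
        # A blank field must be skipped: the empty string is "contained"
        # in every password and would reject everything.
        if needle and needle in candidate:
            violations.append(f"contains {field}")
    return violations

# Constructed sample data mirroring the fields selected in the example above.
SAMPLE_FIELDS = {
    "City": "Toronto", "Country": "Canada", "Phone": "(416) 555-0100",
    "First Name": "Dana", "Last Name": "Okafor",
    "Birthplace": "", "Nickname": None,      # unset profile fields
}
POLICY = {"upper": 1, "lower": 1, "numeric": 2, "symbol": 1}

if __name__ == "__main__":
    for pw in ["Toronto#2024x", "Qz!4165550100k", "river-Maple-73!", "short1A"]:
        print(pw, check_password(pw, 10, POLICY, SAMPLE_FIELDS))
```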
===New Password Settings===
[[image:password003.png|border]]
* '''Force Password Change''' - Appears with a button marked '''Expire All Passwords Now'''. Ensures that all users will be forced to reset their password when they next log in.
* '''First Login''' - Ensures that the user selects a password of their own choosing the first time they log into [[SmartSimple]]. <br />''(Does not count towards'' Maximum Password Update in 24 Hours ''setting.)''
* '''Password Expiration''' - Each user will be forced to change their password once the selected number of days has passed. Any number of days can be set.
* '''Password History Check''' - You can set the number of previous passwords (to a maximum of 32) that the system will remember for each user. When changing their password, users will not be permitted to re-use a previous password until the specified number of unique passwords have been used.

===Password Activation Settings===
Password Activation Settings can be set to add an extra layer of security to the system. These settings pertain to users who use the "Forgot Password" link on the login page.

[[Image:Password-Activation-Settings.png]]
* '''Default Security Code''' - A hard-coded value to be entered when users request new passwords.
* '''Activation link life span''' - Works with the @activationlink@ [[Password Variables to Set or Reset User Passwords|password variable]]. If the '''<nowiki>https://@url@@activationlink@</nowiki>''' syntax is used in the ''Request Password'' section of [[User Email Templates]], this setting sets the duration that the activation link will be valid.
* '''Challenge Questions, delimited by semi-colons''' - You can set a series of challenge questions; all users will be prompted to select a [[Challenge Question]] on next login. Their answer will be stored and they will be prompted to enter this answer if they forget their password and click the activation link in the "Forgot password" email template.
: [[Image:Challenge-question.png|link=]]
: '''Note:''' An example of a good challenge question would be something that is simple, memorable, can't be guessed easily, and won't change over time.
===Rules for Password Activation Settings===
When a company has password settings configured, then these will be used in full.